Group-IB has released a new advisory regarding a malware campaign deploying point-of-sale (POS) malware tools to steal credit card information from payment terminals. According to the advisory, the POS malware has been used to steal the information of over 167,000 credit cards. Group-IB identified a poorly configured command and control server used by the POS malware, which, Group-IB says, provided a way to extract the stolen credentials. The cybersecurity firm analyzed the server and concluded that it had hosted another POS malware, dubbed Treasure Hunter, that has similar capabilities.
Group-IB retrieved information about the infected devices and credit cards compromised during the campaign, which has been active since at least February 2021. The victims of the campaign are mainly based in the US. Group-IB also determined that the operators of the campaign could profit over $3,000,000 if they decide to sell the compromised cards on underground or dark web forums.
Read More: POS Malware Used to Steal Details of Over 167,000 Credit Cards